void-packages/srcpkgs/nvi/patches/nvi-21-exrc_writability_che...

62 lines
1.5 KiB
Diff
Raw Normal View History

2012-07-14 21:04:11 +02:00
#! /bin/sh /usr/share/dpatch/dpatch-run
## 21exrc_writability_check.dpatch by <hesso@pool.math.tu-berlin.de>
##
## DP: No description.
@DPATCH@
diff -Naur nvi-1.81.6.orig/ex/ex_init.c nvi-1.81.6/ex/ex_init.c
--- nvi-1.81.6.orig/ex/ex_init.c 2007-11-18 17:41:42.000000000 +0100
+++ nvi-1.81.6/ex/ex_init.c 2008-05-01 18:24:45.000000000 +0200
@@ -26,6 +26,9 @@
#include <string.h>
#include <unistd.h>
+#include <pwd.h>
+#include <grp.h>
+
#include "../common/common.h"
#include "tag.h"
#include "pathnames.h"
@@ -346,6 +349,9 @@
int nf1, nf2;
char *a, *b, buf[MAXPATHLEN];
+ struct group *grp_p;
+ struct passwd *pwd_p;
+
/* Check for the file's existence. */
if (stat(path, sbp))
return (NOEXIST);
@@ -359,10 +365,30 @@
}
/* Check writeability. */
- if (sbp->st_mode & (S_IWGRP | S_IWOTH)) {
+ if (sbp->st_mode & S_IWOTH) {
etype = WRITER;
goto denied;
}
+ if (sbp->st_mode & S_IWGRP) {
+ /* on system error (getgrgid or getpwnam return NULL) set etype to WRITER
+ * and continue execution */
+ if( (grp_p = getgrgid(sbp->st_gid)) == NULL) {
+ etype = WRITER;
+ goto denied;
+ }
+
+ /* lookup the group members' uids for an uid different from euid */
+ while( ( *(grp_p->gr_mem) ) != NULL) { /* gr_mem is a null-terminated array */
+ if( (pwd_p = getpwnam(*(grp_p->gr_mem)++)) == NULL) {
+ etype = WRITER;
+ goto denied;
+ }
+ if(pwd_p->pw_uid != euid) {
+ etype = WRITER;
+ goto denied;
+ }
+ }
+ }
return (RCOK);
denied: a = msg_print(sp, path, &nf1);